Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7dc9f0e1-f459-488b-91a4-d783253227a4.roa
File:                     7dc9f0e1-f459-488b-91a4-d783253227a4.roa (raw, json)
Hash identifier:          cQw71ieh9lC14s/uMswzpnctD2/dhgzy8CUvspSrT7k=
Subject key identifier:   EA:F1:FA:A8:81:30:9A:87:56:A5:1B:AA:91:46:0B:C5:08:DD:76:0C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       367B33E0B6DE4CA8529FAB98FF18EC26C177C966
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7dc9f0e1-f459-488b-91a4-d783253227a4.roa
Signing time:             Tue 19 Mar 2024 00:00:00 +0000
ROA not before:           Tue 19 Mar 2024 00:00:00 +0000
ROA not after:            Tue 23 Apr 2024 23:59:59 +0000
asID:                     16509
IP address blocks:        16.122.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 12:04:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:7b:33:e0:b6:de:4c:a8:52:9f:ab:98:ff:18:ec:26:c1:77:c9:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 19 00:00:00 2024 GMT
            Not After : Apr 23 23:59:59 2024 GMT
        Subject: serialNumber=609fab9cbbb93e7af556f339e1fbe1fdc2c53cad224c59df644bbce6a163818d, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:84:dd:fd:fe:c0:03:37:5f:ed:42:ae:7a:1e:
                    6b:56:05:be:30:b2:6f:bb:4b:bc:7e:25:0c:a5:c2:
                    d6:6a:44:47:ae:08:0c:bf:44:0f:76:0e:0e:f7:fc:
                    b6:e1:08:af:34:c6:8b:1d:3e:9d:58:e7:ea:fa:f3:
                    f6:b0:46:04:47:02:d4:2f:2a:ee:fd:ef:92:96:18:
                    69:79:b2:29:9e:ce:ef:70:58:ca:5b:cf:54:09:ce:
                    51:e6:61:4b:4c:a6:60:1d:36:24:67:68:4c:8b:c5:
                    c7:cb:db:48:55:72:d1:62:73:63:03:f9:d8:fb:e2:
                    f1:f4:a6:01:4f:e7:d4:39:ad:c3:a5:51:09:d0:04:
                    bd:d8:77:c1:2b:59:24:c0:99:35:69:7a:29:ca:81:
                    83:01:f4:b5:ec:2d:27:7e:9c:86:c3:78:24:5d:07:
                    4e:77:a4:94:de:83:d9:d0:2a:59:96:fc:1a:db:68:
                    49:f8:ab:2d:10:ba:68:c8:64:ee:a7:68:60:1f:93:
                    fb:55:37:85:92:5c:5a:d3:7c:83:36:8f:9b:2b:84:
                    3e:f9:52:57:96:45:7e:e1:f7:d9:df:70:28:f1:65:
                    67:a3:9a:95:81:5e:a7:0c:be:ed:f6:f6:bc:bc:15:
                    2a:21:f9:dd:b3:54:b5:ba:ed:1d:ad:c0:c8:fe:29:
                    06:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:F1:FA:A8:81:30:9A:87:56:A5:1B:AA:91:46:0B:C5:08:DD:76:0C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7dc9f0e1-f459-488b-91a4-d783253227a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  16.122.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         90:c9:ad:d8:2b:33:77:2c:88:b9:20:29:06:46:34:51:af:d1:
         12:e9:fa:1d:35:52:af:b8:ec:a2:37:79:f7:e5:b2:2c:a6:33:
         3e:2f:36:05:aa:62:2c:cd:93:74:ad:dc:b6:90:dc:18:c2:f7:
         7e:a4:2b:3f:f5:a6:ad:82:20:1f:92:3c:ca:bb:c0:7a:4a:4c:
         14:53:6f:aa:a5:08:25:e8:81:49:4f:69:dc:5c:9e:5b:79:89:
         35:8b:5c:c4:e6:f2:ed:48:b6:c9:1a:2a:c6:90:47:4f:dc:aa:
         43:bb:ce:5b:de:2f:da:90:1a:44:bd:d5:21:74:e9:79:43:0a:
         0c:dc:ac:1d:9f:d7:7a:c7:18:62:ce:af:4b:ce:4d:1b:83:c1:
         a2:6c:61:40:f1:7d:1f:1b:b0:3c:f2:8e:5a:e6:1b:16:88:27:
         28:e1:65:0d:4d:4f:ec:35:31:55:3f:2e:d4:16:85:0c:93:b6:
         6a:9f:51:9a:60:bb:56:63:eb:fa:77:64:74:56:88:91:1f:a8:
         b8:9b:4f:f4:8a:90:7c:1c:ef:e2:00:f0:cf:02:a8:4c:53:38:
         88:fa:8e:4c:ad:ff:89:77:8f:77:d0:a9:d9:4e:b6:f3:a3:1e:
         fb:fe:bd:c3:6c:ce:92:c6:78:e2:1f:12:0e:e9:4f:06:8d:cc:
         70:62:95:bb
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUNnsz4LbeTKhSn6uY/xjsJsF3yWYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjQwMzE5MDAwMDAwWhcNMjQwNDIzMjM1OTU5
WjB6MUkwRwYDVQQFE0A2MDlmYWI5Y2JiYjkzZTdhZjU1NmYzMzllMWZiZTFmZGMy
YzUzY2FkMjI0YzU5ZGY2NDRiYmNlNmExNjM4MThkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDjhN39/sADN1/tQq56HmtWBb4wsm+7S7x+JQylwtZqREeu
CAy/RA92Dg73/LbhCK80xosdPp1Y5+r68/awRgRHAtQvKu7975KWGGl5simezu9w
WMpbz1QJzlHmYUtMpmAdNiRnaEyLxcfL20hVctFic2MD+dj74vH0pgFP59Q5rcOl
UQnQBL3Yd8ErWSTAmTVpeinKgYMB9LXsLSd+nIbDeCRdB053pJTeg9nQKlmW/Brb
aEn4qy0QumjIZO6naGAfk/tVN4WSXFrTfIM2j5srhD75UleWRX7h99nfcCjxZWej
mpWBXqcMvu329ry8FSoh+d2zVLW67R2twMj+KQZpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU6vH6qIEwmodWpRuqkUYLxQjddgwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdkYzlmMGUxLWY0NTktNDg4Yi05MWE0LWQ3ODMyNTMyMjdhNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwAQejANBgkqhkiG9w0BAQsFAAOCAQEAkMmt2CszdyyIuSApBkY0Ua/REun6
HTVSr7jsojd59+WyLKYzPi82BapiLM2TdK3ctpDcGML3fqQrP/WmrYIgH5I8yrvA
ekpMFFNvqqUIJeiBSU9p3FyeW3mJNYtcxOby7Ui2yRoqxpBHT9yqQ7vOW94v2pAa
RL3VIXTpeUMKDNysHZ/XescYYs6vS85NG4PBomxhQPF9HxuwPPKOWuYbFognKOFl
DU1P7DUxVT8u1BaFDJO2ap9RmmC7VmPr+ndkdFaIkR+ouJtP9IqQfBzv4gDwzwKo
TFM4iPqOTK3/iXePd9Cp2U6286Me+/69w2zOksZ44h8SDulPBo3McGKVuw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:37:05 2024 by rpki-client on console-fra.rpki-client.org